Bruce Schneier
Schneier on Security
A blog covering security and security technology.
« UK Border Security | Main | Fingerprinting Paper »
August 12, 2005
TSA and Spam
A reader sent this to me. He's corresponding with the TSA about getting his name off the watch list, and was told that he should turn off his e-mail spam filter.
-----Original Message-----
From: <> [mailto:tsa-donotreply@tsa.dot.gov]
Sent: Monday, August 01, 2005 11:46 AM
To: ((Name Deleted))
Subject: Your e-mail has been receivedPlease do not respond to this automated response.
Your e-mail has been received by the Transportation Security Administration's (TSA) Contact Center. Our goal is to respond as quickly as possible. However, at times, high volumes sometimes delay our response. We appreciate your patience. You may also find the answer to your question on our web site at www.tsa.gov .
To ensure that you are able to receive a response from the TSA Contact Center, we recommend that Spam filters be disabled and that your email account have ample space to receive large files and/or attachments.
Posted on August 12, 2005 at 8:15 AM • 21 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
Michael Ash • August 12, 2005 8:39 AM
I don't really see anything special about this. "Turn off your spam filter" is standard advice for anybody sending out automated e-mails, which are often caught by spam filters. It's impractical, but then spam is making e-mail itself more and more impractical as time goes by.
Xavier Ashe • August 12, 2005 9:02 AM
The better warning is "future emails will be coming from monkey@tsa.dot.gov. Please add this email address to your white list."
Average Joe #1 • August 12, 2005 9:05 AM
'I don't really see anything special about this. "Turn off your spam filter" is standard advice for anybody sending out automated e-mails'
Shouldn't the advice be to whitelist the TSA sender address?
Ab Surd • August 12, 2005 9:27 AM
If you don't receive this message, please disable your Spam filter.
Bruce Schneier • August 12, 2005 9:40 AM
Yes. Sadly, there isn't anything really special about this.
Ian Eiloart • August 12, 2005 9:48 AM
Hmm,
Bruce - we can't see the content of the angle brackets in the FROM: line above (it shows in the RSS feed). It should, I think, read like this:
From: <<TSA-DONOTREPLY>> [mailto:tsa-donotreply@tsa.dot.gov]
That's an illegal header syntax. Our mailer will respond like this:
550 message header syntax is not valid, possibly an invalid recipient.
So, it's bad advice - but the recipient won't get it because the spam filter is going to reject it!
David F. Skoll • August 12, 2005 11:29 AM
Opportunities for social engineering abound.
The mail should have said to whitelist monkey@tsa.dot.gov as someone else posted. Otherwise spammers will send out official-looking notices asking people to disable spam filters.
Bruce Schneier • August 12, 2005 11:55 AM
The "whitelist" suggestions are good, but my assumption is that most people have no idea what a whitelist is.
Whatsup • August 12, 2005 12:35 PM
Is this the person's first contact to the TSA? If so, then perhaps, an auto-responder is necessary. Although I agree with comments suggesting that someone "downgrade" their security profile, by turning of SPAM filters, is not the correct approach.
However, the comments were "He's corresponding with the TSA about getting his name off the watch list". If this TSA email is the result of actual correspondence about watch list removal, not first contact, I have to wonder how much "churn" is taking place on the TSA watch list that the TSA needs an auto-responder to handle the volume.
martin • August 12, 2005 1:53 PM
Sounds like the TSA automated response is confusing "watch list" with "spam list"
carmudgeon • August 12, 2005 3:16 PM
Call me paranoid, but two possibilities occur to me. 1) This is someone spoofing a TSA email, and 2) the TSA wants to be able to deliver a payload ("we recommend that Spam filters be disabled and that your email account have ample space to receive large files and/or attachments") through which to monitor the corespondent. Either possibility is unsettling.
Chung Leong • August 12, 2005 3:54 PM
"Call me paranoid, but two possibilities occur to me. 1) This is someone spoofing a TSA email."
Looks like it. TSA is currently a part of the Department of Homeland Security (dhs.gov) and not the Department of Transportation (dot.gov). Of course, it's possible that someone forgot to change the address.
Whatsup • August 12, 2005 3:55 PM
@carmudgeon
I agree. What's up with the comment about large file attachments, why can't they just provide a link to the documents on their website?
What's next... "To ensure timely opening of large file attachments in email responses received from the TSA Contact Center, we recommend disabling anti-virus scanning programs..."
Senji • August 12, 2005 4:10 PM
> spam is making e-mail itself more and more impractical as time goes by.
email is dead, just like USENET. They're both kicking vigorously at the moment, though.
Chung Leong • August 12, 2005 4:21 PM
Well, I guess the e-mail is authentic. As a test, I sent a e-mail to TSA-ContactCenter@dhs.gov and got the same automated reply, tsa.dot.gov and all. That's just sad.
David Harmon • August 13, 2005 7:15 AM
Regardless of technical details, the attitude here is entirely typical: They want him to reduce his own security, for *their* purposes. Also known as, "bend over and take it". This fits right in with declaring people "suspicious characters" for objecting to full-body searches by strangers, and their other varied abuses and idiocies.
Not half as retarded as Time Warner insisting that I bypass my hardware firewall before they would send a tech out to diagnose my cable line problem, even though the cable modem itself was throwing hundreds of sync errors every hour. Apparently, they don't trust their tech support reps to decide if it's clear that the problem isn't on the LAN side.
Susie • August 12, 2008 8:23 AM
Hello, QUESTION?? I can't find any info
on taking food such as fresh field corn
as carryon for family gathering...
I am only talking about fresh corn say
1 to 2 dozen from the local farm..
Need answer ASAP....
mike • November 15, 2008 1:41 PM
1. The email addres is probably old and emails to this DOT get forwarded to DHS, pretty standard procedure used when a government body is moved from one sector to another.
2. it is normal for the turn off your spam filter message from any company of government agency you request assistance from (Blame the hackers and spammers) Though few companys handle this correctly, ie ask you to add their email address to your "safe" or address book.
3. You were already upset because some terrorist either shares your name or has possibly used it as an alias, it sucks, its a huge inconvienience but sometime you just have to suck it up and deal with the cards you were dealt.
Jim Fisher • December 10, 2009 11:03 AM
In early 2007, I boarded a plane in Toronto and flew to cincinnati.
After clearing security in Toronto, I went to a wait area where they had a duty free shop. I bought 2 liters of Grey Goose (my wife's favorite for martinis). When I asked about shipping, I was told to just stuff them in my carry-on bag.
So what is the deal about not being able to travel with flammable liquids (yes, the rule was in affect). I had 2 liters of highly flammable liquid and long neck bottles, when broken, make rather formidable weapons.
Subscribe to comments on this entry
Post a comment
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.
|
| Subscribe |
Subscribe via Kindle |
| Blog Menu |
SearchPowered by DuckDuckGoBlog Home Page
Archives by Date2013 J F M A M
Tags  |
| Latest Book |
more books by Bruce Schneier |
Comments